Tag feed

#offensive-security

84 posts31 followers

Explore Hashnode

Alternatives

Trending tags this week

FVFelix Voigtfelix-voigt.hashnode.devApr 3 · 9 min read

Part 4: WPA2/3-Mixed Mode (Downgrade & Rogue Access Point)

1. Executive Summary Although WPA3 effectively mitigates the offline dictionary attacks that troubled its predecessor, modern enterprise and home network infrastructures still rely on backward compati

0

SRSatyam Rastogisatyamrastogi.hashnode.devApr 4 · 6 min read

Black Hat USA 2026: Critical Exploitation Trends & Attack Surface Evolution

Originally published on satyamrastogi.com Black Hat USA 2026 revealed critical shifts in attack methodology: AI-assisted vulnerability discovery, supply chain exploitation at scale, and cloud infrastructure compromise techniques. Red teams must adap...

0

FVFelix Voigtfelix-voigt.hashnode.devApr 3 · 7 min read

Part 1: Pin-based Attacks on 802.11 (Legacy & WPS)

1. Executive Summary It must be stated upfront that in contemporary red teaming engagements, Wi-Fi Protected Setup (WPS) is largely considered a dead attack vector. The Wi-Fi Alliance has deprecated P

0

FVFelix Voigtfelix-voigt.hashnode.devApr 3 · 9 min read

Part 2: WPA2 PMKID (Silent & Clientless Attacks)

1. Executive Summary The PMKID attack represents a significant paradigm shift in 802.11 wireless network exploitation. This vector exploits a historical implementation flaw in the IEEE 802.11i Robust

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 29 · 14 min read

DOM-Based XSS in DVWA

Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 25 · 12 min read

Stored XSS in DVWA

Introduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side c

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 19 · 14 min read

Reflected XSS in DVWA

Introduction This post demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts in

0

ASaviral srivastavaaviraxroot.hashnode.devMar 16 · 13 min read

I Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.

I was two hours into auditing AnythingLLM when I stopped scrolling and stared at my screen for a good ten seconds. Not because the code was complex. Because it was the opposite. javascript getTableSch

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 12 · 15 min read

File Upload in DVWA

Introduction This post demonstrates how a file upload vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to achieve remote code execution. The objective of the attack is to u

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 8 · 16 min read

Brute Force in DVWA

Introduction This post explores the brute-force vulnerability in the Damn Vulnerable Web Application (DVWA). The objective of the attack is to gain unauthorised access to the application by discoverin

0

#offensive-security

Search Hashnode

#offensive-security

Explore Hashnode

Trending tags this week

Part 4: WPA2/3-Mixed Mode (Downgrade & Rogue Access Point)

Black Hat USA 2026: Critical Exploitation Trends & Attack Surface Evolution

Part 1: Pin-based Attacks on 802.11 (Legacy & WPS)

Part 2: WPA2 PMKID (Silent & Clientless Attacks)

DOM-Based XSS in DVWA

Stored XSS in DVWA

Reflected XSS in DVWA

I Found a SQL Injection in an AI Agent. It Taught Me That We Broke the First Rule of Database Security.

File Upload in DVWA

Brute Force in DVWA